Sign up for our weekly security newsletter

Ransomware Leaves Russia for Germany and US

According to Trend Micro, which published some newly-gathered statistics, the Russian market isn't any longer inflicted with ransom Trojans as the malware has navigated to other countries like Germany and USA.

Reportedly, the Smart Protection Network cloud of Trend Micro states that USA ranks first among the ransom-infected countries, with slightly more than 2,000 infections surpassing Germany and Hungary with 1,203 and 561 infections respectively. More countries on the list are France -520, Russia -207, Australia -175, Italy -119 and Taiwan -89.

Further as per Trend Micro, the rise in ransomware beyond Russia is because of the increasing problems encountered with phony anti-viruses and modes-of-payment. Fake anti-virus business comprises an economic situation with players as malware developers, ringleaders, affiliate networks or middlemen, advertisers etc. The difficulties in getting about with this business prompts crime syndicates to look for other avenues of underground trade like that of ransomware, which consequently is spreading and thriving.

Threat Response Engineer Roland Dela Paz of Trend Micro elaborates that during the distribution of ransomware via middlemen dealing with FAKEAVs, the assaults are perpetrated utilizing payment systems like Paysafecard or Ukash rather than the conventional credit card systems. The Paysafecard and Ukash system of payments are profusely popular online which don't require personal information. This kind of anonymity therefore quite naturally proves beneficial for Internet crooks and as observable they're exploiting the systems in doing the ransomware trade. Blog.trendmicro.com published this on March 8, 2012.

In the meantime, according to the researchers, ransomware infections aren't too many in relation to other malicious programs; however, the attacks aren't designed for striking numerous people in a single attempt rather strike against a few targets through security-elusive campaigns, while extort huge sums out of the victims.

Notably, ransomware attacks remained few for several years, but unexpectedly began increasing enormously during mid-2010, with one wherein the attackers blamed Windows users with using the operating system's counterfeit edition and so suggested paying $143.

Other instances of the recent time include assaults against French nationals that masqueraded as the Gendarmerie resident; and those inside Belgium, distributing notices supposedly from Germany's Bundespolizei and Belgium's e-Cops.